Tag Archive

Are you planning on attending RSA in San Francisco this April? An early peek at session topics offered: GDPR, blockchain, ransomware, diversity, and cybersecurity training for parents. I’m interested in the RSAC Innovation Sandbox contest being held on Monday. Last year, the RSAC broke their record at over 43,000 attendees!

Your security strategy needs to be NIMBLE, ELASTIC and FLEXIBLE or you will not be able to deal with the inevitable security incidents that will arise despite your best laid plans and designs. No environment stays static over time – and therefore no threat model is a constant model.

Blind trust in identity is no longer a viable option for today’s world – but that doesn’t mean we can just jettison identity as a core asset – we just need to apply the “appropriate level of trust” to identity, and then apply that level of trust to how we access digital assets.

Any given security mitigation can, and will, eventually go obsolete based on changes in the environment. The question becomes: how can we tell when a mitigation is losing its effectiveness? When is it time to double-down on what’s working or divest of what we no longer need to maintain a secure environment?

What is Imminent Obsolescence? If you are running a business in today’s world of almost constant technology change – your security mitigations will eventually become more ineffectual for you over time unless you are watching for Imminent Obsolescence.